ISPE-FDA 3 rd Annual CGMP Conference 2 4 June 2014 Baltimore, MD

Transcription

1 Current Inspectional and Compliance Issues in Data Integrity Data Integrity Breaches: Perception, Misunderstanding, or Reality? Carmelo Rosa, M.S., Psy.D. (US FDA) Director, Division of International Drug Quality, Office of Compliance, Office of Manufacturing and Product Quality 1 Disclaimer The view represented do not necessarily represent those of the U.S. government or FDA 2 Objectives Explain distinction between breaches to data integrity (BDI) and a violation to CGMP: Is this a new discovery? What does it take to evaluate and detect BDI? Explain different scenarios and example of data integrity: prior, during and after an inspection How do we resolve the problem? Common Responses Conclusions 3 1

2 General Key Concepts (not official definitions, but general descriptions) Data Accuracy dependent on instrument or equipment calibration and/or qualification Data Integrity data is reliable, consistent and complete Data Security password policies and access levels Falsification-alter, mislead, misrepresent, lie, deceit, forge, provide or submit incorrect or inaccurate information to gain a benefit or 4 intention to deceive What is Data Integrity? Data is complete and trustworthy Data is reliable, consistent and accurate Why is Data Integrity Important? Permits reliance on the information used to evaluate drug quality and compliance with requirements BDI is a break in trust Regulators rely largely on firms to do the right thing when we are not there FDA s GMP surveillance inspections are intended to provide information for evaluating compliance with CGMP requirements; not intended as mechanism to do 100% data verification 6 2

3 Therefore, The inability to detect and prevent breaches in data integrity practices raises serious concerns about the reliability and effectiveness of the quality system. It is imperative that the data generated and used to make manufacturing and quality decisions is trustworthy and reliable. How do we know the difference between BDI situation and a GMP violation? Intent to deceive VS a mistake? 1. Can the back dating be a GMP violation, a BDI issue, or both? 2. Failure to Protect Computerized Data from authorize changes or access: Is this a GMP, a BDI, a potential BDI, a procedural issue, or all of the above? How do we know the difference between BDI situation and a GMP violation? 3. Is deleting/destroying, hiding electronic or paper files, and not investigating and reporting failures, purely GMP violations, or purely BDI, or both, or none? 9 3

4 BDI issue, GMP violation or both? Your QC Chemist admitted that, under the direction of a senior colleague, he had recorded false visual examination data in the logbooks for reserve samples Your firm s failure to prevent, detect, and rectify the falsification of your GMP documentation is concerning. BDI issue, GMP violation or both? Out-of-specification or undesirable results were ignored and not investigated Samples were retested without a record of the reason for the retest or an investigation. Only passing results were considered valid, and were used to release batches of APIs intended for US distribution. BDI issue, GMP violation or both? Unacceptable practices in the management of electronic data were also noted. The management of electronic data permitted unauthorized changes, as digital computer folders and files could be easily altered or deleted. 4

5 FDA Regulations (expectation) 21 CFR (b) Automatic, mechanical, and electronic equipment Changes in records instituted only by authorized personnel Input to and output from the computer or related system of formulas or other records or data checked for accuracy Degree and frequency based on the complexity and reliability of the computer or related system 13 FDA Regulations (expectation) 21 CFR (b) Automatic, mechanical, and electronic equipment (cont.) Backup file of data entered into the computer or related system is maintained Hard copy or duplicates, tapes, or microfilm Exact and complete Secure from alteration, inadvertent erasures, or loss 14 FDA Regulations (expectation) 21 CFR (b) Automatic, mechanical, and electronic equipment (cont.) Written record of the program maintained along with appropriate validation data for data eliminated by computerization or other automated processes Example: Calculations performed in connection with laboratory analysis 15 5

6 Guidance to Industry ICH Q7 Computerized Systems (5.4) GMP-related computerized systems should be validated. The depth and scope of validation depends on the diversity, complexity, and criticality of the computerized application. Appropriate installation and operational qualifications should demonstrate the suitability of computer hardware and software to perform assigned tasks. 16 Guidance to Industry ICH Q7 Computerized Systems (5.4) Incidents related to computerized systems that could affect the quality of intermediates or APIs or the reliability of records or test results should be recorded and investigated. 17 Guidance to Industry ICH Q7 Computerized Systems (5.4) Changes to computerized systems should be made according to a change procedure and should be formally authorized, documented, and tested. Records should be kept of all changes, including modifications and enhancements made to the hardware, software, and any other critical component of the system. These records should demonstrate that the system is maintained in a validated state. 18 6

7 FDA Regulations 21 CFR Part 11: Electronic Records, Electronic Signatures Rule became effective on August 20, cfr/cfrsearch.cfm?cfrpart=11&showfr=1 19 FDA Guidances Guidance for Industry: Part 11, Electronic Records; Electronic Signatures - Scope and Application, August /ucm htm Issued in response to an agency-wide initiative on CGMPs for the 21 st century Addresses a narrow interpretation of Part 11 until reexamination of the regulation is completed 20 Scope and Application Guidance Audit Trails [11.10(e), (k)(2) and 11.30] Requires the use of secure, computer generated, time stamped audit trails to independently record the date and time of operator entries and actions. 21 7

8 Scope and Application Guidance Audit Trails [11.10(e), (k)(2) and 11.30] Individuals must comply with applicable predicate rule, i.e., date, time or sequence of events Availability of physical, logical or procedural security measures to ensure reliability of records Determine if users are able to create, modify, or delete regulated records during normal operation 22 Summary of Regulatory Expectation All quality-related activities should be recorded at the time they are performed Any deviation should be documented and explained Critical deviations should be investigated, and the investigation and its conclusion should be documented. BDI and General Regulatory Expectation 1. Manufacturers are expected to establish, document, and implement an effective system for managing quality 2. The system for managing quality should encompass the organizational structure, procedures, processes and resources, as well as activities to ensure confidence drugs will meet its intended specifications for quality and purity. 8

9 BDI and General Regulatory Expectation 3. Not being aware of on-going data integrity practices does not exempt one from the responsibility. SEE NEXT SLIDE FOR WL EXAMPLE Testing into Compliance Recent uptick in observations in this area A common way of manipulation within a QC laboratory that we have found in recent time. An increase of this practice has been noted during the production of APIs and FDPs exported into the United States (more frequently observed during the manufacture of generic drugs). 26 WL Language- API Site SM informed FDA investigators that they were unaware of information generated at the XXX plant that may have an impact on the quality of API. Your SM, at the local and corporate levels, is responsible for assuring that strict corporate standards, procedures, resources, and communication processes are in place to detect and prevent breaches in data integrity, and that such significant issues are identified, escalated, and addressed in a timely manner. 9

10 ICH Q7 Language: MAKING SURE (MS) 1. MS critical deviations are investigated, resolved, conclusions recorded 2. MS that quality-related complaints are investigated and resolved 3. MS that effective systems are used for maintaining and calibrating critical equipment General Expectation in Q7 is: MAKING SURE (MS) 4. MS that materials are appropriately tested and the results are reported 5. MS that there is stability data to support retest or expiry dates and storage conditions on APIs and/or intermediates, where appropriate General Expectation in Q7 is: MAKING SURE (MS) 6. MS that all production deviations are reported and evaluated and that critical deviations are investigated and the conclusions are recorded 7. MS that production facilities are clean and, when appropriate, disinfected 8. MS that the necessary calibrations are performed and records kept 10

11 General Expectation in Q7 is: MAKING SURE (MS) 9. MS that the premises and equipment are maintained and records kept 10. MS that validation protocols and reports are reviewed and approved 11. MS that new and, when appropriate, modified facilities and equipment are qualified What Does it Take to Detect BDI? Requires attention to detail and a good understanding of the processes/systems evaluated At least some basic understanding of electronic software systems used to collect, store, and process analytical raw data. 32 What Does it Take to Detect BDI? The inspector, investigator or auditor should have regulatory and technical knowledge. Must know what he/she is evaluating and what can happen if unexpected results are obtained. Rarely will BDI be obvious to detect, so assumptions that the entire universe is good and honest may represent additional challenges to detect BDI 33 11

12 What Does it Take to Detect BDI? The possibility for a breach in the integrity of the data to occur is usually associated to a weak or deficient quality structure that provides little or no oversight, or is unable to prevent these breaches. Breaches in the integrity of data is not a cultural issue, as it may and has occurred in different regions and environments, including the US. 34 To Successfully Evaluate Electronic Data: 1. Willing to spend time verifying and evaluating the information, as BDI has become more sophisticated 2. If your audit or inspection is a one day inspection, following a checklist or standard questionnaire, it is unlikely that BDI will be detected 35 To Successfully Evaluate Electronic Data Basic chromatography and laboratory operations must be understood Need to know what the information mean or represents: mobile phase, sample vs standard injections, sample weights, equipment printouts, examining dates and time of event, identity of samples, sample preparations, vial location in the HPLC carrousel, etc

13 Current Inspectional BDI Problems Incomplete or altered data Backdating Fabricating data Discarding data Testing into compliance Changing integration parameters of chromatographic data to obtain passing results 37 Different Scenarios and Examples of Data Integrity: Prior, During and After an Inspection 38 Current Inspectional BDI Problems Failure to record activities contemporaneously Failure to review source electronic data Loss of data during changes to the system Failure to retain raw data Turning off audit trail capabilities Password sharing Inadequate controls for access privileges Manipulating integration parameters 39 13

14 Examples of BDI Quality Control Data Destruction of raw data not meeting specification What??? Missing raw data Re-writing laboratory notebooks Unjustified invalidation of data and re-testing without a laboratory investigation 40 Examples of BDI Microbiological testing Growth on microbiological plates was observed and recorded as no growth The plates were double checked by a second employee This happened at three unrelated firms manufacturing sterile finished dosage forms 41 Examples of BDI Making up records during an FDA inspection Batch records Training records Removing records and equipment before the inspection 42 14

15 Consequences Recalls Warning or Untitled Letters Import Alert Injunction Application Integrity Policy Invocation PATIENT HARM! 43 BDI Examples Indiscriminate retesting of raw materials, intermediate drug products, and finished API in order to produce acceptable test results. Failures were not reported or investigated to find the cause. Why are we seeing more BDI? 1. Superficial or ineffective controls 2. NO checks and balance 3. Management lacking expertise or competency to detect the problems 4. Audit trail manipulation-no true security 5. Accuracy, authenticity and integrity is assumed and not verified 6. Poor security management, no Back UP- Archive 15

16 Why are we seeing more BDI? 7. Are users prevented from deleting electronic records from within the software or outside the software application? 8. Can the use alter the time/date stamp for the system? 9. Does the system have computer generated audit trails in place to track changes and deletions of critical data? Why are we seeing more BDI? 10.Are user rights restricted to ensure users cannot turn on/off the computergenerated audit trails? 11.Is someone from management verifying the electronic records/files for possible deletions or alterations. WLs References to BDI Your firm deleted multiple HPLC data files acquired in 2013 allegedly to clear hard drive space w/o creating back-ups. Your management confirmed there is no audit trail 16

17 WLs References to BDI Top site management admitted both, testing and manufacturing operations that occurred outside of the quality system, but assuming no responsibility. WL References to BDI Selection of only passing results from HPLC and GC (gas chromatography) data, while failing test results are disregarded, ignored, and more concerning, not investigated. This practice was noted during the testing of raw materials, finished drug release and stability studies. WL References to BDI Undesirable electronic raw data related to GC testing were found in the PC Recycle Bin. Partially destroyed hardcopy records of equipment maintenance and instrumentation calibration data were found, as well as 5,000 deleted HPLC data files. 17

18 WL References to BDI Failure to ensure that lab records included complete data derived from all tests necessary to ensure compliance with established specifications and standards. Firm frequently performs unofficial testing of samples, disregards results, and reports results from additional tests. During stability firm tested a batch 6 times and subsequently deleted the data How Do We Resolve the Problem? 53 Basic Questions that Can Help Detect BDI Who-When-What- How: Is Data collected? Is Data processed? Is Data reviewed? Is Data reported? 18

19 Key Areas for Consideration When Assessing Possible BDIs 1. Is the data reliable, trustworthy and verifiable. 2. Did the firm follow GMPs in their decisions, documentation & reporting? 3. Is the data traceable and/or referenced to original raw data and reviewed by a reliable quality structure? Key Areas for Consideration When Assessing Possible BDIs 4. How long in a process can an employee go w/o direct oversight? 5. How do you know all the data is being presented? 6. Do you have mechanisms to ensure the data is authentic? Key Areas for Consideration When Assessing Possible BDIs 7. For manual data entry is there a second check performed by a second person or the system itself. 8. Computerized systems should have sufficient controls to prevent unauthorized access or changes to data. 19

20 Key Areas for Consideration When Assessing Possible BDIs 9. Laboratory control records should include complete data derived from all tests conducted to ensure compliance with established specifications and standards, including examinations and assays Key Areas for Consideration When Assessing Possible BDIs 10. There should be controls to prevent omissions in data (e.g., system turned off and data not captured). 11. There should be a record of any data change made, the previous entry, who made the change, and when the change was made. OMPQ1 Some common responses when BDIs are found It was 1 or 2 employees cutting corners This has never happened before Management was not aware of these practices Quality is not compromised Isolated Incident We have revised the SOP Fire the employee We have hired consultants The deletion of files was an error or inadvertent 60 20

21 Slide 60 OMPQ1 Seems out of place. You've jumped around from basic questions and how to detect and prevent BDI, to regs and guidance on various things, and in the next few slides, you go back to detection--the talk needs some reorganizing and arranging under the basic outline of objectives you provided at the beginning. I think if you do that, you'll find that you have some redundant material that should be eliminated. This particular material on responses would seem better placed after you've completed your discussion of ways to detect and prevent and your discussion of examples of observations. CDER/OC/OMPQ, 6/2/2014

22 Concluding Remarks 1. It is relevant to know how to address a basic GMP violation versus falsification or BDI 2. Existing systems should be able to ensure data integrity, traceability and reliability. 3. Companies who outsource operations should have systems in place to verify and compare the data generated by their contractor Concluding Remarks 4. Once BDI Practices are found, known or uncovered, A CHANGE TO AN SOP OR FIRING AN EMPLOYEE IS NOT ENOUGH!!!! 5. If it looks to good to be true, it probable is not true, so keep your eyes WIDE opened Acknowledgements Capt. Alicia Mozzachio- CDER/Branch Chief Rebeca Rodriguez FDA/ORA National Expert Karen Takahashi CDER/Senior Policy Advisor Paula Katz- Acting Branch Chief/Regulatory Counsel 63 21

23 Our kids assume the drugs they take are made right and are safe and will make them feel better!!!! 22